An alleged malware attack against IDT Solutions AS in April 2023 has led to suspicions of insurance fraud, after several irregularities surrounding the company's handling of the incident have come to light. IDT Solutions AS reported that their WooCommerce-based online store, which generated an annual turnover of around NOK 5 million, was infected by malware. Subsequently, the insurance company Fremtind, via Crawford, has issued a recourse notice of NOK 600,000 against both its former web designer and subcontractors such as InfoDesk AS. However, new information suggests that IDT Solutions AS had already started work on developing a new Magento webshop before the attack, which now casts considerable doubt on the company's intentions.
Magento solution ordered before the attack
A key part of the case is the fact that IDT Solutions AS had already hired Kloner AS to build a Magento-based online store, before the alleged malware attack took place. This was confirmed by the CEO of IDT Solutions AS to InfoDesk AS, and this information has contributed to casting doubt on the legitimacy of the insurance claim. For its part, the insurance company Fremtind via Crawford has assumed that the company's website had a turnover of close to NOK 100 million, a figure that is in stark contrast to the actual figures of approximately NOK 5 million in turnover for the online store idtsports.com when the attack occurred.
Reaction from the insurance company and InfoDesk AS' role
InfoDesk AS, which was a subcontractor for the web designer behind the WooCommerce solution, was also dragged into the case through the insurance company's recourse notice. At an early stage, InfoDesk AS published an article about the incident, where they questioned how the case was handled. After this, IDT Solutions AS quickly hired the law firm BAHR AS to demand that the article be removed. At the same time, the lawyers claimed that it was the insurance company itself that had recommended the transition to Magento as a replacement for the infected WooCommerce platform. This was despite the fact that work on the Magento solution was underway before the attack. - Open Info has been given access to this documentation.
Controversial cost assessment
Another point that has attracted attention is the cost of cleaning up after the malware attack. InfoDesk AS stated early on that cleaning up an infected online store would normally take a few working hours and involve costs of between NOK 5,000 and 6,000. This is in stark contrast to the insurance claim of NOK 600,000 put forward by IDT Solutions AS.
Jason Gordon, an IT security expert from the company Intruig Inc, who has reviewed the files and logs from the case, supports this assessment.
- "Our analysis of the actual material sent to us by InfoDesk AS shows that cleaning up after such an attack would normally require a few hours of work and cost around NOK 5,000 to 6,000," says Gordon. "The fact that IDT Solutions AS has submitted a claim for NOK 600,000, without clear signs of such extensive damage, gives cause for suspicion. We often see attempts to exaggerate the extent of the damage in such cases, and this bears the hallmarks of insurance fraud."
Gordon also points out that IDT Solutions AS itself may have been responsible for many of the problems they are now facing, pointing to the logs that have been retrieved and analyzed.
IDT Solutions AS refused to pay web designer
Further concerns about IDT Solutions AS' business practices have come to light after the company refused to pay the web designer hired to develop the WooCommerce solution. The web designer chose to send the claim to debt collection, and the case ended up in the Conciliation Council, where the web designer won a clear victory. This incident throws a sharp light on the company's attitude to its partners and could potentially be an indicator of how IDT Solutions AS handles its obligations.
No comment from involved parties
Open Info has repeatedly attempted to obtain comments from IDT Solutions AS, Crawford, Fremtind Forsikring, and the law firm representing IDT Solutions AS. All parties have declined our requests for statements. However, the lawyers representing IDT Solutions AS have previously claimed that the insurance company approved the transition to Magento, but have not commented on the allegations that work on the Magento solution started before the malware attack.
The road ahead
The case between IDT Solutions AS and their subcontractors is still under investigation. If Fremtind / Crawford's claim for recourse is successful, it could have significant financial consequences for InfoDesk AS and the web designer. Open Info will continue to follow developments closely.
Related content:
– IDT Solutions AS submitted a sky-high insurance claim after Malware attack
- Case study: IDT Solutions exposed to malware attacks
- Insurance fraud and cyber attacks in Norway
- Hosting companies' responsibility in cybersecurity
English 
Norsk bokmål